Windows 10: Direct Memory Access Attack Mitigation

Discussion in 'AntiVirus, Firewalls and System Security' started by SimonWoolley1, Sep 6, 2018.

  1. SimonWoolley1 Win User

    Direct Memory Access Attack Mitigation


    The Microsoft documentation for mitigating DMA attacks includes the DataProtection/AllowDirectMemoryAccess policy. This states:


    This policy setting allows you to block direct memory access (DMA) for all hot pluggable PCI downstream ports until a user logs into Windows.


    My question is: what is covered under "hot pluggable PCI downstream ports"?


    This link (https://www.synacktiv.com/posts/pentest/practical-dma-attack-on-windows-10.html) from May 2018 shows a DMA attack where they connect via an NVMe M.2 key B/M connector which gives them PCIe connectivity to carry out an attack using PCILeech.


    Would the DataProtection/AllowDirectMemoryAccess policy prevent this attack, i.e. would the NVMe M.2 key B/M connector be classed as a "hot pluggable PCI downstream port" and therefore protected?

    :)
     
    SimonWoolley1, Sep 6, 2018
    #1
  2. Brink Win User

    Mitigating speculative execution side-channel attacks in Edge and IE11


    Source: Mitigating speculative execution side-channel attacks in Microsoft Edge and Internet Explorer - Microsoft Edge Dev Blog


    See also update: Cumulative Update KB4056892 Windows 10 v1709 Build 16299.192 - Windows 10 Forums
     
    Brink, Sep 6, 2018
    #2
  3. PolarNettles Win User
    BitLocker and DMA and Memory Resilience attacks?


    When you fully shut down your system then your memory controller and DIMMs are powered off. So, by definition, a DMA attack won't be possible since there's no memory to access and no path for devices to access memory.
     
    PolarNettles, Sep 6, 2018
    #3
  4. Sasqui Win User

    Direct Memory Access Attack Mitigation

    Overclocking / Undervolting guide for Vega 56 or 64?

    Here's a quick laundry list:

    List of software to use for overclocking and testing
    Examples:
    Wattman (and how to find and use it, like an overview, including profiles)
    Unigine Valley or Heaven (use this for quick testing while changing settings in Wattman and checking for stability / artifacts) ...just suggesting this
    How to monitor cores / mem speeds and temps during testing (I've seen screen overlays, and others using GPUz)

    Step-by step overclocking in Wattman
    Fan speeds
    Power limit
    Temp limit
    Voltages
    Core speeds
    Memory speeds
     
    Sasqui, Sep 6, 2018
    #4